Table of Contents:
Last updated on: September 2, 2022
There are a lot of things that can ruin your brand’s website performance, but nothing is quite as devastating as watching your website drop in search engine results and have it replaced by a lookalike, scam website.
Scammers now use blackhat SEO techniques, website impersonation, and URL hijacking to trick people into visiting malicious websites with URLs that are just common misspellings of genuine brand websites.
For brands, the consequences of URL hijacking can be deadly – right from loss of revenue to decreased sales and customer loyalty.
Therefore, it is crucial to protect your brand and avoid URL hijacking at all costs. In this article, we discuss:
Also known as typosquatting, URL hijacking involves targeting people on the internet who incorrectly type a website’s domain name in the browser.
Scammers register domain names that may seem similar to the original brand name, except there is a small typo in the domain that can be easily missed. For instance, scammers could register facebo0k.com instead of facebook.com.
In some cases, scammers also register domain names with the same name as that of the brand, but with a different top-level domain extension. For instance, the original website may be yourbrandname.com and the scammers could register its variation with yourbrandname.co.uk
URL hijacking is mostly used to create fake websites that impersonate the look and feel of the main brand website so unsuspecting users don’t realize they are actually on a fake website instead of the original one.
Here are some of the different ways that hackers can use URL hijacking:
Sale of counterfeit products: These fake websites can sell counterfeit products by posting original product images and descriptions. Since the fake website looks exactly like the original one, customers don’t realize they are buying counterfeits until they receive the products. Even then, many customers may just assume that the brand offers low-quality products.
Bait and switch: A URL hijacked website that claims to sell the same product as the genuine website. But after you make a purchase on the website, the product never gets delivered.
Stealing personal data: Scammers created an exact replica of the original websites to steal the personal information of customers like their email addresses, phone numbers, and credit card details.
Malware: These URL hijacked websites can also be dangerous as they can automatically download malicious malware onto the devices of the website visitors and then steadily steal all of their personal information.
Bypassing traffic: Scammers can use ads and blackhat SEO techniques on search engine results to rank higher than the original website and bypass traffic to the fake website.
Affiliate fraud: Scammers create a URL hijacked website just with the goal to redirect traffic to the original website through their own affiliate links. The scammers in this case get a commission for all the purchases made by users that were redirected, as per the brand’s affiliate program.
Search engine optimization is usually one of the main goals when a brand sets up their website on the world wide web. You optimize content and employ several SEO strategies to eventually get a top position in search engine results. After all, over 53 percent of trackable website traffic comes directly from organic search.
But imagine all that hard work going down the drain as you find an impersonated website ranking higher than yours. Instead of the original website, a fake website with a similar domain name as yours is chipping away from the organic traffic that you should be getting.
Google can also penalize websites that are too similar or have plagiarized content. But when there is no way to directly confirm which website is the original, your website could be hidden or delisted entirely from the search engine results just because a scammer decided to copy it.
Here are some of the other ways URL hijacking can impact your brand:
URL hijacking is also called typosquatting. It refers to registering domains of established brand names with a typo in them. Apart from impersonating websites, scammers can also register domain names with the aim of reselling them back to the brands in the future to make a profit, this is called cybersquatting.
Get an SSL certificate for your website: SSL certificates help signal search engines that your website is genuine. It also tells end users that their data is protected even when making payments or sharing sensitive information. A website without an SSL certificate isn’t just marked as unsafe by Google, but it can also be a clear sign for users that the website probably isn’t genuine.
Register different country top-level domain names: Register different top-level domains and even register common mistyped versions of your brand name/ trademark. You can then redirect all those different domains back to your original website.
Monitor URL hijacking in real-time: Constantly look out for any URL hijacking attempts and shut down scam websites before they can cause any damage to your brand.
Of course, tracking down fraud websites and reporting them can be incredibly challenging and time-consuming, especially when you are already busy managing your core business operations.
Instead, you can use Red Points’ Domain Management Solution that can actively detect fraud websites infringing on your intellectual property and get them taken down. Red Points can also make transfer requests, follow up with domain owners, and submit complaints.
URL hijacking is one of the most popular ways for scammers to attack brands, primarily because it works. Buying a domain name and setting up a website has now become easier than ever due to the many online website builders.
For brands, it’s not just important to track fraud websites but to also take them down.
It's no secret that the global COVID-19 pandemic has fueled a major increase in cybercrime,…
Domain management is a key element of protecting your brand in today’s digital world. A…
Website impersonation is becoming an increasingly automated process and bad actors don’t even have to…